192055 matches found
Astra Linux - уязвимость в chromium
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в unbound
A vulnerability called “Non-Responsive Delegation Attack” NRDelegation Attack has been discovered in various DNS resolution software. The NRDelegation Attack operates by creating a malicious delegation with a significant number of non-responsive name servers. The attack begins by querying a...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Before version 114.0.5735.90, using Swiftshader in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of “after free” in Cast in Google Chrome before version 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The incorrect security UI in BFCache in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
The use of “after free” in Printing in Google Chrome before version 119.0.6045.105 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through those gestures. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of after free in Profiles in Google Chrome before version 119.0.6045.105 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through those gestures. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of Mojo after free in Google Chrome before version 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Using “after free” in FedCM in Google Chrome before version 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в firefox
A malicious website can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been exploited in a spoofing attack. This vulnerability affects Firefox versions earlier than 119...
Astra Linux - уязвимость в ghostscript
A buffer overflow vulnerability exists in the cljmediasize function in devices/gdevclj.c within Artifex Ghostscript 9.50. This vulnerability allows remote attackers to cause a denial of service or other unspecified impacts by opening crafted PDF documents...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the Netfilter subsystem of the Linux kernel. The nfnlosfaddcallback function did not validate the optnum field controlled by the user mode. This flaw allows a local privileged attacker with CAPNETADMIN privileges to trigger an out-of-bounds read, resulting in a system cra...
Astra Linux - уязвимость в ansible
There exists an absolute path traversal attack within the Ansible automation platform. This flaw allows an attacker to create a malicious Ansible role and have the victim execute that role. A symbolic link can be used to overwrite a file that is outside of the extraction path...
Astra Linux - уязвимость в postgresql-11
A late privilege drop in the REFRESH MATERIALIZED VIEW CONCURRENTLY operation in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. This feature enables the owner of the materialized view to run SQL functions, thereby allowing for the safe refreshing of...
Astra Linux - уязвимость в chromium
Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of after-free in Downloads in Google Chrome before version 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Sign-In process in Google Chrome prior to version 1.3.36.351 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the UI of Google Chrome prior to version 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...